﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;

public partial class ajax_getcatalog : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["id_user"] == null || Session["permission"] == null || ((int)Session["permission"]) <= 1 ||
            ((int)Session["permission"]) >= 5)
        {
            Response.Write("FAIL");
            return;
        }

        string catId = comm.to_sql(Request.QueryString["id"],"string");
        string sql = "SELECT projectId,name,description,priority FROM [catalog] WHERE id="+catId;
        DataTable dtTable = dal.SelectTable(sql);
        if (dtTable.Rows.Count != 1)
        {
            Response.Write("FAIL");
            return;    
        }

        int projectId = Int32.Parse(dtTable.Rows[0]["projectId"].ToString());

        #region check current user is enable to acccess project which contains current catalog
        SqlParameter[] listParams = new SqlParameter[3];
        //-- param 1: @userId
        int id = Int32.Parse(Session["id_user"].ToString());
        SqlParameter param = new SqlParameter("@userId", id);
        param.SqlDbType = SqlDbType.Int;
        param.Direction = ParameterDirection.Input;
        listParams[0] = param;

        //-- param 2: @projectId
        param = new SqlParameter("@projectId", projectId);
        param.SqlDbType = SqlDbType.Int;
        param.Direction = ParameterDirection.Input;
        listParams[1] = param;

        //-- param 3: @isAccess
        param = new SqlParameter();
        param.ParameterName = "@isAccess";
        param.SqlDbType = SqlDbType.Int;
        param.Direction = ParameterDirection.Output;
        listParams[2] = param;

        dal.ExecuteSP("proCheckAccessProject_GET", listParams);
        int enable = Int32.Parse(listParams[2].Value.ToString());
        if (enable == 0)
        {
            Response.Write("FAIL");
            return;
        }
        #endregion

        #region check user is enable to add/edit catalog to project
        if (((int)Session["permission"]) >= 4)
        {
            string sql1 = " SELECT permission FROM UserProject " +
                  " WHERE userId=" + comm.to_sql(id.ToString(), "number") +
                  " AND projectId=" + comm.to_sql(projectId.ToString(), "number");
            DataTable dtTable1 = dal.SelectTable(sql1);
            if (dtTable1.Rows.Count == 1)
            {
                int permission = Int32.Parse(dtTable1.Rows[0]["permission"].ToString());
                if (permission >= 5)
                    throw new Exception("FAIL");
            }
            else
                throw new Exception("FAIL");
        }
        #endregion

        string json = "";// "{";
        //DataRow row = dtTable.Rows[0];
        //json += "'name':'" + row["name"].ToString() + "',";
        //json += "'description':'" + row["description"].ToString() + "',";
        //json += "'projectId':'" + row["projectId"].ToString() + "',";
        //json += "'priority':'" + row["priority"].ToString() + "'}";
        json = JsonConvert.SerializeObject(dtTable.Rows[0].Table);

        Response.Write(json);
        return;

    }
}
